General
-
Target
b810da008d810f42c6347c8f3cba222f2a9f58f2d21ef336a03f041d53b9a5a1N.exe
-
Size
1.9MB
-
Sample
240924-wypwja1dme
-
MD5
aefc9db6299b266732b17284fd21e570
-
SHA1
59ac233b4c821859aaef31b380d73f03ac4c72b7
-
SHA256
b810da008d810f42c6347c8f3cba222f2a9f58f2d21ef336a03f041d53b9a5a1
-
SHA512
041ddd2dab23cac6dbd962ff2855b951b84168caa1b9b7a999faf6dc185f3428d644392b909288164eb1edc1561c3a1e740b59df6f180327da7a922cfe1bf753
-
SSDEEP
24576:TUd4s3AGKyIRdemONgNyu5dVLaqSPWEmcBfBuI:TJslIT95dUjPWKBl
Static task
static1
Behavioral task
behavioral1
Sample
b810da008d810f42c6347c8f3cba222f2a9f58f2d21ef336a03f041d53b9a5a1N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
b810da008d810f42c6347c8f3cba222f2a9f58f2d21ef336a03f041d53b9a5a1N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
vipkeylogger
https://api.telegram.org/bot7480318146:AAHneAEj7T3jx1iB2ghJbCQTHlT0BWac8Tg/sendMessage?chat_id=968705978
Targets
-
-
Target
b810da008d810f42c6347c8f3cba222f2a9f58f2d21ef336a03f041d53b9a5a1N.exe
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 2
Credentials In Files: 2